From b82202f41123e3d34f8c0216eb6cd39c5c267e91 Mon Sep 17 00:00:00 2001 From: David Shaw Date: Wed, 2 Nov 2005 16:53:40 +0000 Subject: [PATCH] * gpg.sgml: Clarify what is and isn't included in a "clean sigs". --- doc/ChangeLog | 4 ++++ doc/gpg.sgml | 20 +++++++++++--------- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/doc/ChangeLog b/doc/ChangeLog index d3febbf25..551f42125 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,7 @@ +2005-11-02 David Shaw + + * gpg.sgml: Clarify what is and isn't included in a "clean sigs". + 2005-10-27 David Shaw * gpg.sgml: Document backsign, --require-backsigs, and diff --git a/doc/gpg.sgml b/doc/gpg.sgml index 39b44274f..a5b454fda 100644 --- a/doc/gpg.sgml +++ b/doc/gpg.sgml @@ -548,9 +548,9 @@ keep keys neat and clean, and it has no effect aside from that. sigs Remove any signatures that are not usable by the trust calculations. -For example, this removes any signature that does not validate. It -also removes any signature that is superceded by a later signature, or -signatures that were revoked. +Specifically, this removes any signature that does not validate, any +signature that is superceded by a later signature, revoked signatures, +and signatures issued by keys that are not present on the keyring. @@ -567,7 +567,7 @@ If invoked with no arguments, both `sigs' and `uids' are cleaned. backsign - + Add back signatures to signing subkeys that may not currently have back signatures. Back signatures protect against a subtle attack against signing subkeys. See --require-backsigs. @@ -1402,8 +1402,9 @@ any new keys to be imported. Defaults to no. import-clean-sigs After import, remove any signatures from the new key that are not -usable. This is the same as running the --edit-key command "clean -sigs" after import. Defaults to no. +usable. This includes signatures that were issued by keys that are +not present on the keyring. This option is the same as running the +--edit-key command "clean sigs" after import. Defaults to no. @@ -1464,9 +1465,10 @@ out any signatures that are not self-signatures. Defaults to no. export-clean-sigs -Do not export any signatures that are not usable. This is the same as -running the --edit-key command "clean sigs" before export. Defaults -to no. +Do not export any signatures that are not usable. This includes +signatures that were issued by keys that are not present on the +keyring. This option is the same as running the --edit-key command +"clean sigs" before export. Defaults to no.